Creating an environment where risk awareness is business as usual is easier said than done, but it’s possible. That was the message at Defining Conduct and Culture Risk for Your Organization session at the 2022 ABA Regulatory Compliance Conference.
Here are five top takeaways for promoting risk-aware culture and conduct:
Tone from the top and training. You’re probably tired of hearing experts go on about the importance of training and tone from the top. The reason you keep hearing about it is because so many financial institutions are getting it wrong.
1. Tone from the top and training. You’re probably tired of hearing experts go on about the importance of training and tone from the top. The reason you keep hearing about it is because so many financial institutions are getting it wrong.
The name of the game is transparency. An institution should be open about its actions and expectations. Management should find ways to incorporate the risk culture into strategy. Those efforts should be regularly communicated to staff, explaining risk culture and how it integrates into the business.
Employees should also know where to easily find the information they need to support the risk management culture.
2. Link risk culture to compensation. People listen best when their wallets are involved. If you want to show employees your institution is serious about a proactive risk management culture, link compensation to culture by including elements of risk management in every annual review.
This isn’t a yes or no question. There should be clearly defined metrics for measuring how well employees understand risk. Sources of quantitative data can include employee surveys and testing and monitoring of key performance indicators (KPIs) linked to effective risk management.
3. Encourage reporting. Provide a forum where employees can report concerns—whether it’s an anonymous tip line or an online form. Emphasize that there won’t be any kind of retaliation and have guardrails in place to ensure that’s true.
There should also be a process to investigate reported concerns. A common theme in enforcement actions and other cautionary tales is failing to take those who raise risk management and compliance issues seriously or do anything about the problem.
4. Culture can thrive in a remote work environment. Just because employees aren’t in-person together doesn’t mean a financial institution can’t foster a strong risk management culture. It’s all about fostering engagement.
It’s all about consistent communication. Financial institutions have reported success with regular townhall meetings to communicate companywide information, 15-minute online coffee times where employees are encouraged to connect with fellow employees on a personal level, and multiple one-on-one meetings.
5. Have empathy. When people get to know each other, it creates a sense of community that helps humanize employees and bring employees together to work towards a common goal. This empathy makes employees feel supported, which leads to happier, more loyal employees (and more organizational buy-in for initiatives like culture building).
A strong culture should be the goal of every organization. Want more insights into risk management culture?
Read more: Culture and Conduct for FIs: Ncontracts and RMA Discuss Survey Results